Using Azure Bicep and want to deploy your Bicep configuration to Azure using GitHub Actions, in this blog post I am going to show how you can achieve this!
What is Azure Bicep?
Its the Next Generation of ARM templates – Bicep is a Domain Specific Language (DSL) for ARM templates. Taken from the documentation:-
It aims to drastically simplify the authoring experience with a cleaner syntax and better support for modularity and code re-use. Bicep is a transparent abstraction over ARM and ARM templates, which means anything that can be done in an ARM Template can be done in bicep
https://github.com/Azure/bicep
Examples of Azure Bicep configurations can be found here:- https://github.com/Azure/bicep/tree/main/docs/examples
What is GitHub Actions?
They allow you to create workflows with your GitHub repository – similar to Azure DevOps Pipelines; they allow you create an automated workflow(s). They are pretty awesome!
Recommended reading
What is GitHub Actions for Azure
Azure/actions GitHub Repository
Bicep sample configuration
Before I show the sample configuration, I also recommend the Bicep extension for VSCode – it is awesome, with built-in Intellisense!
https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-bicep
In my example, I want my Bicep file to deploy an Azure Virtual Network
param location string = resourceGroup().location
var virtualNetwork = {
name: 'tamopsvnet'
location: location
addressPrefixes: [
'10.0.0.0/16'
]
subnets: [
{
name: 'testsubnet1'
properties: {
addressPrefix: '10.0.0.0/24'
}
}
{
name: 'testsubnet2'
properties: {
addressPrefix: '10.0.1.0/24'
}
}
]
}
resource virtualnetwork 'Microsoft.Network/virtualNetworks@2020-06-01' = {
name: virtualNetwork.name
location: virtualNetwork.location
properties: {
addressSpace: {
addressPrefixes: virtualNetwork.addressPrefixes
}
subnets: virtualNetwork.subnets
}
}
Folder Structure
thomasthorntoncloud-azurebicep-github-action
└── .github
└── workflows
└── azure-bicep-deploy.yml
└── BicepFiles
└── main.bicep
GitHub Repository Secrets
Within the GitHub repository to where you are going to be running the Bicep configuration, select settings -> secrets
Add 2 secrets
- AZURE_SUBSCRIPTION_ID – Subscription ID of the Azure Subscription
- AZURE_CREDENTIALS – in json format as below, this is the Service Principal that will be used for az login and to deploy your Bicep configuration
{
"clientId": "<GUID>",
"clientSecret": "<GUID>",
"subscriptionId": "<GUID>",
"tenantId": "<GUID>",
}
GitHub Action to Deploy Azure Bicep
To add this GitHub Action to your repository, within your GitHub Repo – select Actions -> Workflows -> New workflow
(Or if you merge into main branch with the folder structure above, it will automatically create the GitHub Action for you )
GitHub Action
name: 'AzureBicepDeploy'
on:
push:
branches:
- main
pull_request:
jobs:
AzureBicepDeploy:
name: 'AzureBicepDeploy'
runs-on: ubuntu-latest
env:
ResourceGroupName: tamops-bicep-rg
ResourceGroupLocation: "uksouth"
environment: production
steps:
- uses: actions/checkout@v2
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Azure Bicep Build
run: |
az bicep build --file BicepFiles/main.bicep
- name: Az CLI Create Resource Group
uses: Azure/CLI@v1
with:
inlineScript: |
#!/bin/bash
az group create --name ${{ env.ResourceGroupName }} --location ${{ env.ResourceGroupLocation }}
- name: Deploy Azure Bicep
uses: Azure/arm-deploy@v1
with:
resourceGroupName: ${{ env.ResourceGroupName }}
subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
template: ./BicepFiles/main.json
Use below if AZ CLI < 2.20.0
- name: Azure Bicep Build
run: |
curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64
chmod +x ./bicep
./bicep build BicepFiles/main.bicep
GitHub Repository example here
Hopefully you find this blog useful and give you a look into deploying Azure Bicep using GitHub Actions
Thomas Thornton - Microsoft Azure MVP - HashiCorp Ambassador 
1 comment